package com.framework.oauthclient.ext;

import org.springframework.lang.Nullable;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.Transient;

import java.util.Collection;

/**
 * @author zzg
 */
@Transient
public class ClientAuthenticationToken extends AbstractAuthenticationToken {
    private Object principal;
    private String accessToken;
    private String refreshToken;

    public ClientAuthenticationToken(Object principal,
                                     Collection<? extends GrantedAuthority> authorities, String accessToken,
                                     @Nullable String refreshToken) {
        super(authorities);
        this.principal = principal;
        this.accessToken = accessToken;
        this.refreshToken = refreshToken;
        // 设置为 true 后不需要 provider （grantType -> converter->ProviderManager->token->provider）
        // 本jar包直接addFilter -> ClientAuthenticationManager(不走公共的ProviderManager) -> token
        this.setAuthenticated(true);
    }

    @Override
    public Object getCredentials() {
        return this.accessToken;
    }

    @Override
    public Object getPrincipal() {
        return this.principal;
    }
}
